Why Cryptography Needs to Change - Industry Today - Leader in Manufacturing & Industry News


 

August 18, 2022 Why Cryptography Needs to Change

Cryptography needs to change for the world’s data and communications to remain secure.

By Skip Sanzeri, QuSecure COO and Co-Founder

The internet and most of our current cybersecurity rely on just a few types of cryptography: Rivest–Shamir–Adleman (RSA), elliptic-curve cryptography (ECC) and the Advanced Encryption Standard (AES). Currently, these encryption standards provide adequate protection for data and communications. However, as powerful quantum computers become available in the coming years, these cryptographic schemes, which are computationally hard for our current computing systems to crack, will be broken. To make matters worse, adversarial nation-states are stealing and storing data today, waiting for a time when they can decrypt it using a quantum computer. Thus, our current cryptography needs to change for the world’s data and communications to remain secure.

Quantum cryptography and post-quantum cryptography refer to two different areas of cryptographic research building on principles of quantum physics. Quantum cryptography is also referred to as quantum key distribution (QKD), and post-quantum cryptography (PQC) refers to new mathematical solutions for quantum-resistant cryptographic methods. For this article we’re going to focus on PQC since it is a near-term solution that is much more scalable across the enterprise and global communications.

Algorithms that run on quantum computers will be extremely effective at cracking RSA, ECC, and to a great extent AES, and the search for cryptographic schemes that can resist quantum attacks is a priority in the cryptographic community. The National Institute of Standards and Technology (NIST) and the National Security Agency (NSA) have been searching for post-quantum algorithms that are resistant to quantum attacks. In 2016 NIST launched a “Request for Nominations for Public-Key Post-Quantum Cryptographic Algorithms” to solicit new quantum-resistant algorithms. They are now narrowing to the final few candidates and will announce them in a year or so.

Quantum algorithms that could potentially break asymmetric encryption schemes like RSA and ECC have been around for over 30 years. While the algorithms existed, they were not a threat since quantum computers need to become more powerful and reliable for the algorithms to have a chance at cracking asymmetric cryptography. Now that quantum computers are becoming more of a reality, these algorithms are posing a problem. For example, using Peter Shor’s algorithm on a sufficiently powerful quantum computer, it is possible to break today’s asymmetric cryptographic schemes.

For symmetric cryptography like AES, the situation is different. Lov Grover’s algorithm for quantum computers reduces the effective security of the cipher to half of the length of the key. This result is cryptographically devastating, as it means security is reduced (for example) from 128 bits to 64 bits, which makes the attack more than a trillion times faster than before. And the solution is not that easy. Some argue that we could just double the original key, from 128 to 256 bits. Of course, this would help the situation, but it is not always easy to implement, as doubling the key size may slow key exchange and may not be tenable for edge devices such as those in the IoT (Internet of Things).

One of the biggest challenges is that cryptographic research and subsequent implementation take time. Developing and standardizing quantum-resistant asymmetric cryptography does not happen overnight. It takes time for cryptanalysis and corroboration of the various solutions, then even more time to broadly implement new cryptography. Even more problematic, changing currently installed enterprise cryptography to new cryptography is akin to changing a tire on a moving vehicle.

So why now? While this may seem like something we do not need to worry about yet, there is an immediate need to begin planning for and even implementing post-quantum cryptography.

Many are familiar with the “steal now, decrypt later,” or “harvesting” techniques where hackers or adversarial nation-states steal data waiting for a time when they have computers powerful enough to decrypt it (like quantum computers). Of course, once the data is in the hands of the hackers, they can take their time and use all available computing resources to decrypt that data. Most data remains valuable for a minimum of 10 to 25 years, and data stolen today could be decrypted by a quantum computer in coming years.

Ideally enterprises and government agencies should begin to implement post-quantum cryptography right away. The upside is that if data is stolen today, and it is protected with post-quantum algorithms, it could delay future decryption by dozens of years.

Most now believe that it is not a matter of if quantum computers come online with sufficient power to crack current cryptography, but when.

 
